Netinfo Security

Cloud-assisted Secure Digital Watermarking Based on Sparse Representation

Di XIAO, Qingqing MA, Lan WANG, Yanping XIANG

2017, 17 (1): 1-7. doi: 10.3969/j.issn.1671-1122.2017.01.001

Abstract ( 500 )

HTML ( 5 )

PDF (6856KB) ( 113 )

As one of the important branches of multimedia data security, digital watermarking has been developed rapidly because it can provide copyright protection and source certification for open network. Nowadays, digital watermarking has been widely used in the protection of multimedia information. Previously, most of the digital watermarking schemes do not consider the security of the watermark itself and the security of the verification process. In this paper, a secure watermarking scheme is proposed. In this scheme, the data owner uses sparse representation of the original data to embed watermark, and cloud can use the encrypted data and fuzzy watermark from the data owner and user to verify copyright. Since the scheme can provide security protection to both the watermark itself and the whole verification process, it is suitable for cloud application. The experimental results show that the proposed scheme is an invisible watermark scheme and can correctly verify copyright while protecting the data security of parties, including the watermark. Besides, the scheme has good robustness against noise attack.

Figures and Tables | References | Related Articles | Metrics

Pseudorandom Sequences of k Symbols Constructed by Using Ding-Helleseth Generalized Cyclotomic Classes

Huaning LIU, Bo GAO

2017, 17 (1): 8-8. doi: 10.3969/j.issn.1671-1122.2017.01.002

Abstract ( 430 )

HTML ( 2 )

PDF (5114KB) ( 180 )

Pseudorandom sequences play an important role in information security system. Although there are many sequences have been given and studied, the search for new approaches and new constructions should be continued. The construction methods and pseudorandom analysis is the main research content of pseudorandom theory. The well-distribution measure, correlation measure, collision and avalanche effect become the important indexes of pseudorandom sequences to determine good or bad. In a series of papers Mauduit and others introduced and studied the measures of finite sequences of k symbols. In this paper we construct a large family of pseudorandom sequences of k symbols with length pq by using Ding-Helleseth generalized cyclotomic classes, and study the well-distribution measure, correlation measure, collision and avalanche effect by using the properties of trigonometric identity, exponential sum and character sum.

References | Related Articles | Metrics

Research on HTTPS Configurations for E-banking Systems

Yi TANG, Zhishuang WANG

2017, 17 (1): 16-22. doi: 10.3969/j.issn.1671-1122.2017.01.003

Abstract ( 665 )

HTML ( 3 )

PDF (6508KB) ( 257 )

With the development of Internet technology, many domestic banks have offered E-banking services. Now all of the E-banking systems use HTTPS to ensure data transferred online securely. But because of the weak awareness of network security and the non-compliance with the security standards of HTTPS, such as using the unsafe cryptography algorithm, some serious security vulnerabilities are created in E-banking system while HTTPS is deployed on it . If hackers successfully exploit these vulnerabilities, the banks and customers may suffer severe losses. According to the bank directory from the China Banking Regulatory Commission’s website, this paper analyzes the HTTPS configurations of each E-banking system by way of classification, and sorts out the existing security vulnerabilities by acquiring information of certificate, protocol version, cipher suite, etc. In order to prevent safety incidents, banks should pay attention to these security vulnerabilities, and eliminate them as soon as possible.

Figures and Tables | References | Related Articles | Metrics

Task Scheduling of Cloud Computing Based on Fusion of Load Balancing and Bat Algorithm

Dongliang WANG, Junyan YI, Shihui LI, Hongxin WANG

2017, 17 (1): 23-28. doi: 10.3969/j.issn.1671-1122.2017.01.004

Abstract ( 628 )

HTML ( 1 )

PDF (5865KB) ( 237 )

For cloud computing resource allocation imbalance exists in the virtual machine scheduling, bat algorithm slow convergence speed and optimization accuracy is not high shortcomings, a method is proposed task scheduling of cloud computing based on fusion of load balancing and bat algorithm. Algorithm using load balancing to bat population data, improve the quality of the initial solution of the sample data; By Powell local search algorithm for the optimal solution for the current local search and improve the convergence speed and accuracy; when using the improved bat algorithm to allocate the virtual machine, algorithm make full use of the resources on the physical machine to achieve the optimization goal. Simulation results show that the improved algorithm has faster convergence speed and higher searching accuracy compared with other standard bat algorithm and particle swarm optimization algorithm.

Figures and Tables | References | Related Articles | Metrics

Design and Implementation on Data Storage and Analysis System of Railway Signal System Based on Big Data

Wei WANG, Zhengyu LIAO, Hui ZHANG, Dong GUO

2017, 17 (1): 29-37. doi: 10.3969/j.issn.1671-1122.2017.01.005

Abstract ( 635 )

HTML ( 2 )

PDF (7502KB) ( 124 )

This paper designs and implements a big data’s storage and analysis system of railway signal system based on Hadoop. Firstly, this paper studies the working principle of Hadoop distributed system, HDFS (the Hadoop distributed file system) and MapRedeuce model. And then, APIs of signal data analyzers about files of txt and CSV are designed. The storage, distribution and management of files and data are achieved by HDFS. According to the structure of all data files, this paper uses HBase to design methods which can find the data file in a quick time and design the API about all the operations in HBase. Finally, this paper uses ExtJS to build the front-end display page, communicate with the Hadoop platform through the server to complete the electrical characteristic analysis and log analysis, and display the data processing results with the list, graph and scatter diagram. This paper has accomplished the data mining and visualization of the work.

Figures and Tables | References | Related Articles | Metrics

Searchable Symmetric Encryption with Hidden Search Pattern

Haining LU

2017, 17 (1): 38-42. doi: 10.3969/j.issn.1671-1122.2017.01.006

Abstract ( 701 )

HTML ( 5 )

PDF (3936KB) ( 202 )

In cloud computing environment, searchable encryption lets cloud server searching on users' encrypted data directly, without leaking the information of user data and searching criteria. Existing searchable symmetric encryption schemes believe that the access pattern and search pattern will be leaked inevitably, as long as no other information is leaked, the scheme will be secure. But recent research show that the acess pattern and search pattern can leak information about the user data and searching criteria under certain circumstance. In this paper, a new symmetric searchable encryption scheme which can hide search pattern is proposed. The scheme groups each distinct word appeared in user documents, lets the words with same searching results be in the same group, and constructs same trapdoors for the words in the same group, preventing the adversaries from distinguishing. The experiments show that the search pattern of at least one half of the words can be hidden. The proportion of search pattern hidden words will be increase as the size of the documents increasing, and the extra client side storage won’t grow dramatically. Finally, a basic idea to hide search pattern of the words which have different search results is provided.

Figures and Tables | References | Related Articles | Metrics

Provable Secure Trajectory Privacy Preserving Scheme for Continuous Queries in Location-based Services

Kai ZHOU, Changgen PENG, Jianqiong HE, Yawei WANG

2017, 17 (1): 43-47. doi: 10.3969/j.issn.1671-1122.2017.01.007

Abstract ( 503 )

HTML ( 3 )

PDF (4464KB) ( 173 )

This paper proposes a provable secure trajectory privacy preserving scheme to solve the trajectory privacy leakage problem for continuous queries in location-based service. Firstly, the security model is established by analyzing the security requirement, that is indistinguishably sending messages, about the trajectory privacies for continuous queries based on Silent Cascade privacy preserving scheme. Secondly, trajectory privacy preserving scheme for continuous queries in user motion is constructed by using the bilinear mapping. Finally, the scheme is proved from the perspective of provable security, and compared the security with other schemes. The results show that the scheme not only has provable security and high quality of service, but also can resist continuous query attack.

Figures and Tables | References | Related Articles | Metrics

A MA-CP-ABE Scheme of Supporting Access Structure Hiding

Qingde HAN, Hui XIE, Zhimin YUAN, Feng NIE

2017, 17 (1): 48-56. doi: 10.3969/j.issn.1671-1122.2017.01.008

Abstract ( 627 )

HTML ( 5 )

PDF (8361KB) ( 126 )

As an effective means of fine-grained access control, attribute-based encryption mechanism is widely used in cloud services, telemedicine and other fields. At present, the research of attribute-based encryption mechanism mainly focuses on the single attribute of multi-attribute authorization mechanism; attribute dynamic revocation and access structure concealment. However, few researches on access structure hiding and multi-attribute authorization lead to multi-attribute authorization encryption mechanism cannot guarantee the security of the sensitive information brought by the access structure, and the attribute-based encryption mechanism with the access structure hiding is restricted by the attribute authority and cannot be further expanded. In this paper, based on the attribute-based encryption mechanism of ciphertext policy with multi-attribute authorization, the access structure is hidden by setting the ciphertext component, and bilinear mapping of the group of orders is used to design a support access structure Hidden MA-CP-ABE scheme, and proved that the scheme is adaptive and safe by subgroup decision problem hypothesis. This scheme is of great significance for the application of the security mechanism of extended attribute-based encryption.

Figures and Tables | References | Related Articles | Metrics

Research of Weibo Short Text Classification Based on Word2vec

Qian ZHANG, Zhangmin GAO, Jiayong LIU

2017, 17 (1): 57-62. doi: 10.3969/j.issn.1671-1122.2017.01.009

Abstract ( 1131 )

HTML ( 18 )

PDF (5018KB) ( 428 )

With the rapid expansion of new available information on Microblogging and other social media. Text automatic classification becomes imperative in order to help people locate the information he inquires and filter spam. Based on the characteristics of curse of dimensionality and lack of semantic features in Traditional text classification model, put forward a short text classify based on Word2vec model.Since Word2vec can not distinguish the weight of words, we applied weights using tf-idf weighting with Word2vec, implemented weighted Word2vec. Then we concatenated tf-idf with our word2vec weighted by tf-idf. Our results show that the combination of Word2vec weighted by tf-idf without stop words and tf-idf without stop words can outperform either Word2vec weighted by tf-idf without stop words and tf-idf with or without stop word.

Figures and Tables | References | Related Articles | Metrics

Research on a Protection Mechanism Based on Virtual Machine Customization

Jiajia LIU, Yan YU, Hengwei HU, Jiashun WU

2017, 17 (1): 63-67. doi: 10.3969/j.issn.1671-1122.2017.01.010

Abstract ( 617 )

HTML ( 2 )

PDF (4331KB) ( 234 )

The rapid development of mobile Internet has been promoting the development of smart phone applications, Android system soon became the largest market share of smart phone system because of the characteristics of open source. Meanwhile Android application has become an important target for attackers due to the third-party application market imperfect regulation, resulting in Android application faces repackaging, tampering and other security threats.In order to make reverse analysis of Android APP DEX file more difficult,this paper proposes an android application protection method based on the custom virtual machine.First extract the instructions and attribute informations of protected method,then transform them into a custom instruction format according to certain rules.Next,explain virtual instruction execution using a self-defined VM interpreter.Finally,realizate a lightweight prototype system,take the open source applications as test samples to complete the experimental verification. Experimental results show that this method can improve the unreadability of the code effectively,and thus increase the difficulty of the reverse analysis of the attacker at lower cost of time and space overhead.

Figures and Tables | References | Related Articles | Metrics

Research on Taint Backtracking Reverse Analysis Method of Network Encoding Protocol

Junfeng GAO, Yuefeng ZHANG, Senlin LUO, Ji ZHANG

2017, 17 (1): 68-76. doi: 10.3969/j.issn.1671-1122.2017.01.011

Abstract ( 519 )

HTML ( 1 )

PDF (8682KB) ( 69 )

This paper proposes a method of taint backtracking. Firstly, this method carries on the dynamic debugging to the network application procedure, locates network interface functions and network output buffers, determines the single minimum execution trajectory interval. Secondly, it performs all of the initial memory addresses in the track section by performing a path analysis calculation. And then the memory cache is applied to the application program, and the entrance state of the trajectory interval is buffered and restored after a single execution of the calculation. Finally, the address of the memory data before coding is obtained by the pollution source localization algorithm. Experimental results show that this method can effectively locate the pre-coding memory address, and it is suitable for different types of coding protocols, including encryption, compression and verification. On the one hand, this method can analyze the syntax information of the encoding protocol by using the memory data before encoding, and improve the syntax analysis ability of the encoding protocol. On the other hand, using the encoding function entry address and the pre-coding memory address, it can generate the network protocol test data that can be detected through integrity, and improve the capabilities of vulnerabilities discovery of the encoding protocol.

Figures and Tables | References | Related Articles | Metrics

Design and Research on Malicious Web Sites Prevention Model Based on OpenFlow

Haoming LIANG, Chunlin CHEN, Xi LIU, Zhipeng LIU

2017, 17 (1): 77-83. doi: 10.3969/j.issn.1671-1122.2017.01.012

Abstract ( 562 )

HTML ( 1 )

PDF (5310KB) ( 129 )

With the development of the Internet, more and more people perform the payment and transfer procedures in life and work at home by browsing Web sites or clients. Also with the increase of network frauds and other criminal cases, malicious Web site becomes the main means of fraud. SDN network has the ability to flexibly deploy cyber sources ,which can be used to prevent the malicious sites very well. This paper proposes a malicious Web site protection model based on OpenFlow which processes DNS access requests from client on Floodlight controller by using the characteristic that control and forwarding is separated in SDN, which ensures that the normal Web sites can be accessed on the premise of the malicious Web sites interception.

Figures and Tables | References | Related Articles | Metrics

Research on Data Security Protection Method Based on Privacy Awareness in Cloud Computing

Guohua BAO, Shengyu WANG, Yunfa LI

2017, 17 (1): 84-89. doi: 10.3969/j.issn.1671-1122.2017.01.013

Abstract ( 437 )

HTML ( 4 )

PDF (5766KB) ( 183 )

In cloud computing, it involves data owner, remote cloud server, user, and data communications during data resources provide services to users. In the whole service process of data resources, the data will be first sent to the remote cloud server by data owner and stored in the remote cloud server. Then, user accesses the required data from the remote cloud server. In the process of the service, the data resources stored in the remote cloud server are no longer controlled and managed by the data owner. As a result, the privacy of data faces many security problems. In this situation, it has become an important problem that how to protect the security of data privacy. In order to solve this problem, we propose a data security protection method based on privacy awareness according to the working principle of data service in the cloud computing. In the data security protection method, we put forward the architecture of data privacy protection. Then, we put forward a novel privacy awareness security algorithm. In order to justify the feasibility of the protection method, the safety performance of the protect method is analyzed.

Figures and Tables | References | Related Articles | Metrics

Table of Content